| ID |
CVE-2016-0928
|
| Summary |
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.30 and 1.7.x before 1.7.8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:*:*:*:*:*:*:*:*
-
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.1:*:*:*:*:*:*:*
-
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.2:*:*:*:*:*:*:*
-
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.3:*:*:*:*:*:*:*
-
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.4:*:*:*:*:*:*:*
-
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.5:*:*:*:*:*:*:*
-
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.6:*:*:*:*:*:*:*
-
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:cloud_foundry_elastic_runtime:1.7.7:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 5.8 (as of 28-11-2016 - 19:56) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-601 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
| refmap
via4
|
|
| Last major update |
28-11-2016 - 19:56 |
| Published |
18-09-2016 - 02:59 |
| Last modified |
28-11-2016 - 19:56 |
